Finjan has informed Microsoft of a bypass and cross zone scripting vulnerability in the Remote Data Service (RDS) object. Attackers could have potentially exploited this vulnerability to gain full control over and remotely execute code on user’s machines using Internet Explorer. This vulnerability applies to fully patched Windows XP SP2 system, including users of Internet Explorer version 7.0b1.
RDS is part of the Microsoft Data Access Components (MDAC) library and enables the creation and execution of objects that are not allowed to run by Internet Explorer. By exploiting this vulnerability, an attacker could have bypassed security restrictions imposed on objects and run them in the “Internet Zone.” In addition, the vulnerability could have given an attacker full control over the user’s machine, including access to information and “write” privileges to the local file system. To view a short demo showing how an attacker could have benefited from exploiting this vulnerability, click here.
Finjan provided Microsoft with full technical details, including proof-of-concept, concerning this vulnerability and assisted Microsoft with the fix. According to its code of ethics, Finjan does not publish technical details about vulnerabilities.